<?php
/*
 * Copyright 2009 Eat Local Food, LLC
 * Copyright (c) 2007 osCommerce (this file was written after
 * code review of osCommerce).
 *
 * This file is part of gwtCommerce.
 *
 * gwtCommerce is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 2 of the License, or
 * (at your option) any later version.
 *
 * gwtCommerce is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with gwtCommerce.  If not, see <http://www.gnu.org/licenses/>.
 */
require_once('includes/configure.php');

//Establish connection to mysql server.
$conector = mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD) or die(mysql_error());
mysql_select_db(DB_DATABASE) or die(mysql_error());

//Inhale the database tablenames.
require_once('includes/database_tables.php');

//Inhale the configuration records from database.
$sqlQuery = 'select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION;
$dataReturned = mysql_query($sqlQuery) or die(mysql_error());
while($row = mysql_fetch_array($dataReturned))
{
	define($row['cfgKey'], $row['cfgValue']);
}

function actionComponent(&$params, $action='query')
{
	define('IN_COMPONENT_CONTROLLER', 'true');
	$url = '';
	reset($params);
	$i = 0;
	while (list($key,$param) = each($params))
	{
		if ($key == 'productId' || $key == 'handle' || $key == 'handles' || $key == 'categoryId' || $key == 'manufacturerId' || $key == 'languageId')
		{
			if ($i == 0) $url = 'php/action_component?' . $key . '=' . $param;
			else $url .= '&' . $key . '=' . $param;
			$i++;
		}
	}
	$url = mysql_real_escape_string($url);

	$accountId = 0;
	$account_session = '0';
	$basket_account_id = 0;
	//Validate Account
	require_once('includes/components/AccountComponent.php');
	$component = new AccountComponent();

	//Validate the Account
	$validateArray = $component->validate($params);
	$accountId = $validateArray['accountId'];
	$account_session = $validateArray['accountSession'];
	$isAdministrator = $validateArray['isAdministrator'];
	$params['accountId'] = $accountId;
	$params['accountSession'] = $account_session;
	$params['isAdministrator'] = $isAdministrator;

	if ($accountId < 0)
	{
		$params['handle'] = 'MultipleResultsComponent';
		$params['handles'] = 'BestSellersComponent,CategoriesComponent,CurrenciesComponent,AccountComponent,InformationComponent,LanguagesComponent,ManufacturersComponent,RandomReviewComponent,SpecialsComponent,WhatsNewComponent,OrderComponent';
		$action='query';
	}

	//Update the Cart
	$basket_account_id = $component->updateCart($params);
	$params['basketAccountId'] = $basket_account_id;

	//Set the current language and inhale the language definitions
	$language_code = DEFAULT_LANGUAGE;
	$languageId = prepare_input($params['languageId']);
	if ($languageId != null)
	{
		$language_id = (int)$languageId;
		$sqlQuery = 'select code from ' . TABLE_LANGUAGES . ' where languages_id=' . $language_id;
		$dataReturned = mysql_query($sqlQuery) or die(mysql_error());
		while($row = mysql_fetch_array($dataReturned))
		{
			$language_code = $row['code'];
			break;
		}
	}
	else
	{
		$sqlQuery = 'select languages_id from ' . TABLE_LANGUAGES . ' where code=\'' . $language_code . '\'';
		$dataReturned = mysql_query($sqlQuery) or die(mysql_error());
		while($row = mysql_fetch_array($dataReturned))
		{
			$language_id = (int)$row['languages_id'];
			break;
		}
	}
	require_once('includes/languages/'.$language_code.'.php');
	$params['languageId'] = $language_id;

	//Set the current currency
	$currency_code = DEFAULT_CURRENCY;
	$currencyId = prepare_input($params['currencyId']);
	if ($currencyId != null)
	{
		$currency_id = (int)$currencyId;
		$sqlQuery = 'select code from ' . TABLE_CURRENCIES . ' where currencies_id=' . $currency_id;
		$dataReturned = mysql_query($sqlQuery) or die(mysql_error());
		while($row = mysql_fetch_array($dataReturned))
		{
			$currency_code = $row['code'];
			break;
		}
	}
	else
	{
		$sqlQuery = 'select currencies_id from ' . TABLE_CURRENCIES . ' where code=\'' . $currency_code . '\'';
		$dataReturned = mysql_query($sqlQuery) or die(mysql_error());
		while($row = mysql_fetch_array($dataReturned))
		{
			$currency_id = (int)$row['currencies_id'];
			break;
		}
	}
	$params['currencyId'] = $currency_id;

	$handle = prepare_input($params['handle']);

	if ($handle == 'MultipleResultsComponent')
	{
		$handles = $params['handles'];
		if ($handles != null)
		{
			$handleArray = explode(',', $handles);
			foreach ($handleArray as $handleValue)
			{
				$handleValue = trim($handleValue);
    				$params['handle'] = $handleValue;

				include_once('includes/components/' . $handleValue . '.php');
				$component = new $handleValue;
				$return = $component->action($params, $action);
				if ($value == null) {
					$value = $return;
				}
				else if ($return != null) {
					$value = array_merge($value, $return);
				}
			}
		}
	}
	else
	{
		include_once('includes/components/' . $handle . '.php');
		$component = new $handle;
		$value = $component->action($params, $action);
	}

	if ($basket_account_id < 0)
	{
		$sql = 'delete from ' . TABLE_CUSTOMERS_BASKET . ' where customers_id = ' . $basket_account_id;
		mysql_query($sql) or die(mysql_error());
		$sql = 'delete from ' . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . ' where customers_id = ' . $basket_account_id;
		mysql_query($sql) or die(mysql_error());

		//TBD perform a catchall delete when negative account_ids are older than 1 day.
	}

	//Who's On-Line
	$current_time = time();
	$xx_mins_ago = ($current_time - 900);

	$sql = "delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'";
	mysql_query($sql) or die(mysql_error());

	$ip = $_SERVER['REMOTE_ADDR'];	
	$name = 'Guest';
	if ($accountId > 0) {
		$name = mysql_real_escape_string(get_account_name((int)$accountId));
		$sqlQuery = 'SELECT session_id from ' . TABLE_WHOS_ONLINE . ' where session_id=\'' . mysql_real_escape_string($account_session) . '\'';
	}
	else {
		$sqlQuery = 'SELECT ip_address from ' . TABLE_WHOS_ONLINE . ' where ip_address=\'' . $ip . '\'';
	}
	
	$dataReturned = mysql_query($sqlQuery) or die(mysql_error());
	$i = 0;
	while($row = mysql_fetch_array($dataReturned))
	{
		$i++;
	}
	if ($i > 0) {
		$sql = 'update ' . TABLE_WHOS_ONLINE . ' set customer_id = ' . (int)$accountId . ', full_name = \'' . $name . '\', ip_address = \''. $ip . '\', time_last_click = \'' . $current_time . '\', last_page_url = \'' . $url . '\' ';
		if ($accountId > 0) {
			$sql .= 'where session_id = \'' . $account_session . '\'';
		}
		else {
			$sql .= 'where ip_address = \'' . $ip . '\'';
		}
	} 
	else {
		$sql = 'insert into ' . TABLE_WHOS_ONLINE . ' (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (' . (int)$accountId . ', \'' . $name . '\', \'' . mysql_real_escape_string($account_session) . '\', \'' . $ip . '\', \'' . $current_time . '\', \'' . $current_time . '\', \'' . $url . '\')';
	}
	mysql_query($sql) or die(mysql_error());

	return $value;
}
?>
